ExamGecko
Search Search Login
Home Home / Google / Professional Cloud Architect

Google Professional Cloud Architect Practice Test - Questions Answers, Page 14

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Your company has decided to build a backup replica of their on-premises user authentication PostgreSQL database on Google Cloud Platform. The database is 4 TB, and large updates are frequent. Replication requires private address space communication. Which networking approach should you use?
Your company has a Google Cloud project that uses BigQuery for data warehousing on a pay-per-use basis. You want to monitor queries in real time to discover the most costly queries and which users spend the most. What should you do?
Dress4Win has asked you to recommend machine types they should deploy their application servers to. How should you proceed?
You are implementing Firestore for Mountkirk Games. Mountkirk Games wants to give a new game programmatic access to a legacy game's Firestore database. Access should be as restricted as possible. What should you do?
Auditors visit your teams every 12 months and ask to review all the Google Cloud Identity and Access Management (Cloud IAM) policy changes in the previous 12 months. You want to streamline and expedite the analysis and audit process. What should you do?
For this question, refer to the TerramEarth case study. You start to build a new application that uses a few Cloud Functions for the backend. One use case requires a Cloud Function func_display to invoke another Cloud Function func_query. You want func_query only to accept invocations from func_display. You also want to follow Google's recommended best practices. What should you do?
Your company has an application running as a Deployment in a Google Kubernetes Engine (GKE) cluster When releasing new versions of the application via a rolling deployment, the team has been causing outages The root cause of the outages is misconfigurations with parameters that are only used in production You want to put preventive measures for this in the platform to prevent outages What should you do?
A development manager is building a new application. He asks you to review his requirements and identify what cloud technologies he can use to meet them. The application must:
Your company's user-feedback portal comprises a standard LAMP stack replicated across two zones. It is deployed in the us-central1 region and uses autoscaled managed instance groups on all layers, except the database. Currently, only a small group of select customers have access to the portal. The portal meets a 99,99% availability SLA under these conditions. However next quarter, your company will be making the portal available to all users, including unauthenticated users. You need to develop a resiliency testing strategy to ensure the system maintains the SLA once they introduce additional user load. What should you do?
You write a Python script to connect to Google BigQuery from a Google Compute Engine virtual machine. The script is printing errors that it cannot connect to BigQuery. What should you do to fix the script?

Question 131

Report
Export
Collapse

Your customer wants to do resilience testing of their authentication layer. This consists of a regional managed instance group serving a public REST API that reads from and writes to a Cloud SQL instance.

What should you do?

A.
Engage with a security company to run web scrapers that look your for users' authentication data om malicious websites and notify you if any is found.
A.
Engage with a security company to run web scrapers that look your for users' authentication data om malicious websites and notify you if any is found.
Answers
B.
Deploy intrusion detection software to your virtual machines to detect and log unauthorized access.
B.
Deploy intrusion detection software to your virtual machines to detect and log unauthorized access.
Answers
C.
Schedule a disaster simulation exercise during which you can shut off all VMs in a zone to see how your application behaves.
C.
Schedule a disaster simulation exercise during which you can shut off all VMs in a zone to see how your application behaves.
Answers
D.
Configure a read replica for your Cloud SQL instance in a different zone than the master, and then manually trigger a failover while monitoring KPIs for our REST API.
D.
Configure a read replica for your Cloud SQL instance in a different zone than the master, and then manually trigger a failover while monitoring KPIs for our REST API.
Answers
Suggested answer: C

Question 132

Report
Export
Collapse

Your BigQuery project has several users. For audit purposes, you need to see how many queries each user ran in the last month. What should you do?

A.
Connect Google Data Studio to BigQuery. Create a dimension for the users and a metric for the amount of queries per user.
A.
Connect Google Data Studio to BigQuery. Create a dimension for the users and a metric for the amount of queries per user.
Answers
B.
In the BigQuery interface, execute a query on the JOBS table to get the required information.
B.
In the BigQuery interface, execute a query on the JOBS table to get the required information.
Answers
C.
Use 'bq show' to list all jobs. Per job, use 'bq Is' to list job information and get the required information.
C.
Use 'bq show' to list all jobs. Per job, use 'bq Is' to list job information and get the required information.
Answers
D.
Use Cloud Audit Logging to view Cloud Audit Logs, and create a filter on the query operation to get the required information.
D.
Use Cloud Audit Logging to view Cloud Audit Logs, and create a filter on the query operation to get the required information.
Answers
Suggested answer: C

Question 133

Report
Export
Collapse

You want to automate the creation of a managed instance group. The VMs have many OS package dependencies. You want to minimize the startup time for new VMs in the instance group. What should you do?

A.
Use Terraform to create the managed instance group and a startup script to install the OS package dependencies.
A.
Use Terraform to create the managed instance group and a startup script to install the OS package dependencies.
Answers
B.
Create a custom VM image with all OS package dependencies. Use Deployment Manager to create the managed instance group with the VM image.
B.
Create a custom VM image with all OS package dependencies. Use Deployment Manager to create the managed instance group with the VM image.
Answers
C.
Use Puppet to create the managed instance group and install the OS package dependencies.
C.
Use Puppet to create the managed instance group and install the OS package dependencies.
Answers
D.
Use Deployment Manager to create the managed instance group and Ansible to install the OS package dependencies.
D.
Use Deployment Manager to create the managed instance group and Ansible to install the OS package dependencies.
Answers
Suggested answer: B

Question 134

Report
Export
Collapse

Your company captures all web traffic data in Google Analytics 360 and stores it in BigQuery. Each country has its own dataset. Each dataset has multiple tables. You want analysts from each country to be able to see and query only the data for their respective countries.

How should you configure the access rights?

A.
Create a group per country. Add analysts to their respective country-groups. Create a single group 'all_analysts', and add all country-groups as members. Grant the 'all-analysis' group the IAM role of BigQuery jobUser. Share theappropriate dataset with view access with each respective analyst country-group.
A.
Create a group per country. Add analysts to their respective country-groups. Create a single group 'all_analysts', and add all country-groups as members. Grant the 'all-analysis' group the IAM role of BigQuery jobUser. Share theappropriate dataset with view access with each respective analyst country-group.
Answers
B.
Create a group per country. Add analysts to their respective country-groups. Create a single group 'all_analysts', and add all country-groups as members. Grant the 'all-analysis' group the IAM role of BigQuery jobUser. Share theappropriate tables with view access with each respective analyst country-group.
B.
Create a group per country. Add analysts to their respective country-groups. Create a single group 'all_analysts', and add all country-groups as members. Grant the 'all-analysis' group the IAM role of BigQuery jobUser. Share theappropriate tables with view access with each respective analyst country-group.
Answers
C.
Create a group per country. Add analysts to their respective country-groups. Create a single group 'all_analysts', and add all country-groups as members. Grant the 'all-analysis' group the IAM role of BigQuery dataViewer. Share theappropriate dataset with view access with each respective analyst country-group.
C.
Create a group per country. Add analysts to their respective country-groups. Create a single group 'all_analysts', and add all country-groups as members. Grant the 'all-analysis' group the IAM role of BigQuery dataViewer. Share theappropriate dataset with view access with each respective analyst country-group.
Answers
D.
Create a group per country. Add analysts to their respective country-groups. Create a single group 'all_analysts', and add all country-groups as members. Grant the 'all-analysis' group the IAM role of BigQuery dataViewer. Share theappropriate table with view access with each respective analyst country-group.
D.
Create a group per country. Add analysts to their respective country-groups. Create a single group 'all_analysts', and add all country-groups as members. Grant the 'all-analysis' group the IAM role of BigQuery dataViewer. Share theappropriate table with view access with each respective analyst country-group.
Answers
Suggested answer: A

Question 135

Report
Export
Collapse

You have been engaged by your client to lead the migration of their application infrastructure to GCP. One of their current problems is that the on-premises high performance SAN is requiring frequent and expensive upgrades to keep up with the variety of workloads that are identified as follows: 20TB of log archives retained for legal reasons; 500 GB of VM boot/data volumes and templates; 500 GB of image thumbnails; 200 GB of customer session state data that allows customers to restart sessions even if off-line for several days.

Which of the following best reflects your recommendations for a cost-effective storage allocation?

A.
Local SSD for customer session state data. Lifecycle-managed Cloud Storage for log archives, thumbnails, and VM boot/data volumes.
A.
Local SSD for customer session state data. Lifecycle-managed Cloud Storage for log archives, thumbnails, and VM boot/data volumes.
Answers
B.
Memcache backed by Cloud Datastore for the customer session state data. Lifecycle- managed Cloud Storage for log archives, thumbnails, and VM boot/data volumes.
B.
Memcache backed by Cloud Datastore for the customer session state data. Lifecycle- managed Cloud Storage for log archives, thumbnails, and VM boot/data volumes.
Answers
C.
Memcache backed by Cloud SQL for customer session state data. Assorted local SSD-backed instances for VM boot/data volumes. Cloud Storage for log archives and thumbnails.
C.
Memcache backed by Cloud SQL for customer session state data. Assorted local SSD-backed instances for VM boot/data volumes. Cloud Storage for log archives and thumbnails.
Answers
D.
Memcache backed by Persistent Disk SSD storage for customer session state data. Assorted local SSD-backed instances for VM boot/data volumes. Cloud Storage for log archives and thumbnails.
D.
Memcache backed by Persistent Disk SSD storage for customer session state data. Assorted local SSD-backed instances for VM boot/data volumes. Cloud Storage for log archives and thumbnails.
Answers
Suggested answer: D

Question 136

Report
Export
Collapse

Your web application uses Google Kubernetes Engine to manage several workloads. One workload requires a consistent set of hostnames even after pod scaling and relaunches.

Which feature of Kubernetes should you use to accomplish this?

A.
StatefulSets
A.
StatefulSets
Answers
B.
Role-based access control
B.
Role-based access control
Answers
C.
Container environment variables
C.
Container environment variables
Answers
D.
Persistent Volumes
D.
Persistent Volumes
Answers
Suggested answer: A

Question 137

Report
Export
Collapse

You are using Cloud CDN to deliver static HTTP(S) website content hosted on a Compute Engine instance group. You want to improve the cache hit ratio.

What should you do?

A.
Customize the cache keys to omit the protocol from the key.
A.
Customize the cache keys to omit the protocol from the key.
Answers
B.
Shorten the expiration time of the cached objects.
B.
Shorten the expiration time of the cached objects.
Answers
C.
Make sure the HTTP(S) header "Cache-Region" points to the closest region of your users.
C.
Make sure the HTTP(S) header "Cache-Region" points to the closest region of your users.
Answers
D.
Replicate the static content in a Cloud Storage bucket. Point CloudCDN toward a load balancer on that bucket.
D.
Replicate the static content in a Cloud Storage bucket. Point CloudCDN toward a load balancer on that bucket.
Answers
Suggested answer: A

Explanation:

Reference https://cloud.google.com/cdn/docs/best-practices#using_custom_cache_keys_to_improve_cache_hit_ratio

Question 138

Report
Export
Collapse

Your architecture calls for the centralized collection of all admin activity and VM system logs within your project.

How should you collect these logs from both VMs and services?

A.
All admin and VM system logs are automatically collected by Stackdriver.
A.
All admin and VM system logs are automatically collected by Stackdriver.
Answers
B.
Stackdriver automatically collects admin activity logs for most services. The Stackdriver Logging agent must be installed on each instance to collect system logs.
B.
Stackdriver automatically collects admin activity logs for most services. The Stackdriver Logging agent must be installed on each instance to collect system logs.
Answers
C.
Launch a custom syslogd compute instance and configure your GCP project and VMs to forward all logs to it.
C.
Launch a custom syslogd compute instance and configure your GCP project and VMs to forward all logs to it.
Answers
D.
Install the Stackdriver Logging agent on a single compute instance and let it collect all audit and access logs for your environment.
D.
Install the Stackdriver Logging agent on a single compute instance and let it collect all audit and access logs for your environment.
Answers
Suggested answer: B

Question 139

Report
Export
Collapse

You have an App Engine application that needs to be updated. You want to test the update with production traffic before replacing the current application version.

What should you do?

A.
Deploy the update using the Instance Group Updater to create a partial rollout, which allows for canary testing.
A.
Deploy the update using the Instance Group Updater to create a partial rollout, which allows for canary testing.
Answers
B.
Deploy the update as a new version in the App Engine application, and split traffic between the new and current versions.
B.
Deploy the update as a new version in the App Engine application, and split traffic between the new and current versions.
Answers
C.
Deploy the update in a new VPC, and use Google's global HTTP load balancing to split traffic between the update and current applications.
C.
Deploy the update in a new VPC, and use Google's global HTTP load balancing to split traffic between the update and current applications.
Answers
D.
Deploy the update as a new App Engine application, and use Google's global HTTP load balancing to split traffic between the new and current applications.
D.
Deploy the update as a new App Engine application, and use Google's global HTTP load balancing to split traffic between the new and current applications.
Answers
Suggested answer: B

Question 140

Report
Export
Collapse

All compute Engine instances in your VPC should be able to connect to an Active Directory server on specific ports. Any other traffic emerging from your instances is not allowed. You want to enforce this using VPC firewall rules.

How should you configure the firewall rules?

A.
Create an egress rule with priority 1000 to deny all traffic for all instances. Create another egress rule with priority 100 to allow the Active Directory traffic for all instances.
A.
Create an egress rule with priority 1000 to deny all traffic for all instances. Create another egress rule with priority 100 to allow the Active Directory traffic for all instances.
Answers
B.
Create an egress rule with priority 100 to deny all traffic for all instances. Create another egress rule with priority 1000 to allow the Active Directory traffic for all instances.
B.
Create an egress rule with priority 100 to deny all traffic for all instances. Create another egress rule with priority 1000 to allow the Active Directory traffic for all instances.
Answers
C.
Create an egress rule with priority 1000 to allow the Active Directory traffic. Rely on the implied deny egress rule with priority 100 to block all traffic for all instances.
C.
Create an egress rule with priority 1000 to allow the Active Directory traffic. Rely on the implied deny egress rule with priority 100 to block all traffic for all instances.
Answers
D.
Create an egress rule with priority 100 to allow the Active Directory traffic. Rely on the implied deny egress rule with priority 1000 to block all traffic for all instances.
D.
Create an egress rule with priority 100 to allow the Active Directory traffic. Rely on the implied deny egress rule with priority 1000 to block all traffic for all instances.
Answers
Suggested answer: A
Total 285 questions
Go to page: of 29
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms